CVE-2025-24886 Information

Description

pwn.college is an education platform to learn about and practice core cybersecurity concepts in a hands-on fashion. Incorrect symlink checks on user specified dojos allows for users (admin not required) to perform an LFI from the CTFd container. When a user clones or updates repositories a check is performed to see if the repository had contained any symlinks. A malicious user could craft a repository with symlinks pointed to sensitive files and then retrieve them using the CTFd website.

Reference

https://github.com/pwncollege/dojo/security/advisories/GHSA-fcq8-jqq5-9xmh